Using the Let’s Encrypt Certbot to get HTTPS on your Amazon EC2 NGINX box

by Karan Thakkar

Using the Let’s Encrypt Certbot to get HTTPS on your Amazon EC2 NGINX box

Let’s Encrypt is a new Certificate Authority which provides free SSL certificates (up to a certain limit per week). It came out of beta around a month back and is supported by a wide array of browsers.

Certbot is the official Let’s Encrypt client, developed by the Electronic Frontier Foundation. It makes automatically fetching and deploying SSL/TLS certificates for your web server a relatively straight forward process.

Lets get started.

Step #1

Make sure that you have opened up ports 80 (HTTP) and 443 (HTTPS) in your instance Security Group to public. Certbot will use this to establish connections while generating your certificates.

Note that I spent far too much time to figure out why I couldn’t generate a certificate, while the only issue was that I hadn’t opened up port 443 in my EC2 instance Security Group.

Inbound settings in EC2 Security Group

Step #2

Setup your domain’s CNAME Record to point to the public DNS of your EC2 instance.

Public DNS value in your EC2 instance descriptionThis setting would point api.mydomain.com to my EC2 instance

Step #3

Install Certbot on your instance. Based on your operating system and server, you can find out how to install it on Certbot’s homepage. For NGINX on Ubuntu 14.04, use this.

wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto

Run this command in your home directory:

/home/ubtuntu

Step #4

Stop any existing servers running on the port 80 and 443, since those are used by Certbot to verify your domain and generate certificates.

You can restart those servers once you have finished generating the certificates.

Step #5

Run the following command to generate certificates for your domain:

./certbot-auto certonly --standalone -d xyz.yourdomain.com

You can generate certificates for multiple domains using this approach.

Our mission: to help people learn to code for free. We accomplish this by creating thousands of
videos, articles, and interactive coding lessons - all freely available to the public. We also have
thousands of freeCodeCamp study groups around the world.

Donations to freeCodeCamp go toward our education initiatives, and help pay for servers, services,
and staff.